package com.adam.management.controller;

import com.adam.management.response.ResponseData;
import com.adam.management.service.UserService;
import com.alibaba.fastjson.JSON;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * @projectName: adam-management-system
 * @description:
 * @author: Adam
 * @create: 2019-12-01 18:23
 **/

@Component("UserLoginAuthenticationFailureHandler")
public class UserLoginAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

    @Resource
    private UserService userService;

    @Autowired
    private ObjectMapper mapper;


    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, org.springframework.security.core.AuthenticationException exception) throws IOException, ServletException {

        //Spring Security根据登录失败的原因封装了许多对应的实现类，查看AuthenticationException的Hierarchy
        //不同的失败原因对应不同的异常，比如用户名或密码错误对应的是BadCredentialsException，
        //用户不存在对应的是UsernameNotFoundException，用户被锁定对应的是LockedException等。

        ResponseData<String> responseData = new ResponseData<>();

        if (exception.getMessage().equals("用户不存在")){
            responseData.setCode(402);
            responseData.setMessage("用户不存在");
        }


        if(exception.getMessage().equals("Bad credentials")){
            //jsonData = new JsonData(403,"密码错误");
            // String user_name =userService.findByUserNameAttemps(username);
            // if (user_name == null){
            //     String time = DateUtil.getTimeToString();
            //     UserLoginAttempts userLoginAttempts = new UserLoginAttempts(username,1,time);
            //     userService.saveAttempts(userLoginAttempts);
            // }


            // if(userService.getAttempts(username) == 1){
            //     String time = DateUtil.getTimeToString();
            //     userService.setAttempts(username,time);
            //     jsonData = new JsonData(403,"密码错误,你还有2次机会进行登录操作");
            // }
            // else if(userService.getAttempts(username) == 3){
            //     User user = userService.findByUserName(username);
            //     userService.LockUser(user.getId());
            //     jsonData = new JsonData(403,"最后一次尝试登陆失败，你已经被冻结了");
            // }
            // else if (userService.getAttempts(username) ==2 ){
            //     String time = DateUtil.getTimeToString();
            //     userService.setAttempts(username,time);
            //     jsonData = new JsonData(403,"密码错误,你还有1次机会进行登录操作");
            // }
            responseData.setCode(403);
            responseData.setMessage("密码错误");

        }


        // if (exception.getMessage().equals("User account is locked")){
        //     jsonData = new JsonData(100,"LOCK");
        // }

        //登录失败的时候返回失败信息
        /*response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
        response.setContentType("application/json;charset=utf-8");
        response.getWriter().write(mapper.writeValueAsString(exception.getMessage()));*/


        String json = JSON.toJSONString(responseData);
        response.setContentType("application/json;charset=utf-8");
        PrintWriter out = response.getWriter();

        out.write(json);
        out.flush();
        out.close();

    }
}
